@@ -1,6 +1,6 @@

 Summary:	Linux API header files

 Name:		linux-api-headers

-Version:	4.9.154

+Version:	4.9.163

 Release:	1%{?dist}

 License:	GPLv2

 URL:		http://www.kernel.org/

@@ -8,7 +8,7 @@ Group:		System Environment/Kernel

 Vendor:		VMware, Inc.

 Distribution: Photon

 Source0:        http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz

-%define sha1 linux=1a506bd238df9dbdc81e6b74abc0bb751a45eb5b

+%define sha1 linux=8c716f0109f819a1e361853631ff885994c6b1d9

 BuildArch:	noarch

 Patch0:         Implement-the-f-xattrat-family-of-functions.patch

 %description

@@ -27,6 +27,8 @@ find /%{buildroot}%{_includedir} \( -name .install -o -name ..install.cmd \) -de

 %defattr(-,root,root)

 %{_includedir}/*

 %changelog

+*   Thu Mar 14 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.9.163-1

+-   Update to version 4.9.163

 *   Mon Feb 04 2019 Ajay Kaher <akaher@vmware.com> 4.9.154-1

 -   Update to version 4.9.154

 *   Mon Nov 26 2018 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.9.140-1

deleted file mode 100644

@@ -1,172 +0,0 @@

-From 2b16f048729bf35e6c28a40cbfad07239f9dcd90 Mon Sep 17 00:00:00 2001

-From: Daniel Axtens <dja@axtens.net>

-Date: Wed, 31 Jan 2018 14:15:33 +1100

-Subject: [PATCH] net: create skb_gso_validate_mac_len()

-

-If you take a GSO skb, and split it into packets, will the MAC

-length (L2 + L3 + L4 headers + payload) of those packets be small

-enough to fit within a given length?

-

-Move skb_gso_mac_seglen() to skbuff.h with other related functions

-like skb_gso_network_seglen() so we can use it, and then create

-skb_gso_validate_mac_len to do the full calculation.

-

-Signed-off-by: Daniel Axtens <dja@axtens.net>

-Signed-off-by: David S. Miller <davem@davemloft.net>

-Signed-off-by: Srivatsa S. Bhat <srivatsa@csail.mit.edu>

- include/linux/skbuff.h | 16 +++++++++++++

- net/core/skbuff.c      | 63 +++++++++++++++++++++++++++++++++++++++-----------

- net/sched/sch_tbf.c    | 10 --------

- 3 files changed, 66 insertions(+), 23 deletions(-)

-

-diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h

-index 1b3a2f9..5d34da2 100644

-+++ b/include/linux/skbuff.h

-@@ -3077,6 +3077,7 @@ int skb_shift(struct sk_buff *tgt, struct sk_buff *skb, int shiftlen);

- void skb_scrub_packet(struct sk_buff *skb, bool xnet);

- unsigned int skb_gso_transport_seglen(const struct sk_buff *skb);

- bool skb_gso_validate_mtu(const struct sk_buff *skb, unsigned int mtu);

-+bool skb_gso_validate_mac_len(const struct sk_buff *skb, unsigned int len);

- struct sk_buff *skb_segment(struct sk_buff *skb, netdev_features_t features);

- struct sk_buff *skb_vlan_untag(struct sk_buff *skb);

- int skb_ensure_writable(struct sk_buff *skb, int write_len);

-@@ -3855,6 +3856,21 @@ static inline unsigned int skb_gso_network_seglen(const struct sk_buff *skb)

- 	return hdr_len + skb_gso_transport_seglen(skb);

- }

- 

-+/**

-+ * skb_gso_mac_seglen - Return length of individual segments of a gso packet

-+ *

-+ * @skb: GSO skb

-+ *

-+ * skb_gso_mac_seglen is used to determine the real size of the

-+ * individual segments, including MAC/L2, Layer3 (IP, IPv6) and L4

-+ * headers (TCP/UDP).

-+ */

-+static inline unsigned int skb_gso_mac_seglen(const struct sk_buff *skb)

-+{

-+	unsigned int hdr_len = skb_transport_header(skb) - skb_mac_header(skb);

-+	return hdr_len + skb_gso_transport_seglen(skb);

-+}

-+

- /* Local Checksum Offload.

-  * Compute outer checksum based on the assumption that the

-  * inner checksum will be offloaded later.

-diff --git a/net/core/skbuff.c b/net/core/skbuff.c

-index 9f697b0..5945bf4 100644

-+++ b/net/core/skbuff.c

-@@ -4442,37 +4442,74 @@ unsigned int skb_gso_transport_seglen(const struct sk_buff *skb)

- EXPORT_SYMBOL_GPL(skb_gso_transport_seglen);

- 

- /**

-- * skb_gso_validate_mtu - Return in case such skb fits a given MTU

-+ * skb_gso_size_check - check the skb size, considering GSO_BY_FRAGS

-  *

-- * @skb: GSO skb

-- * @mtu: MTU to validate against

-+ * There are a couple of instances where we have a GSO skb, and we

-+ * want to determine what size it would be after it is segmented.

-  *

-- * skb_gso_validate_mtu validates if a given skb will fit a wanted MTU

-- * once split.

-+ * We might want to check:

-+ * -    L3+L4+payload size (e.g. IP forwarding)

-+ * - L2+L3+L4+payload size (e.g. sanity check before passing to driver)

-+ *

-+ * This is a helper to do that correctly considering GSO_BY_FRAGS.

-+ *

-+ * @seg_len: The segmented length (from skb_gso_*_seglen). In the

-+ *           GSO_BY_FRAGS case this will be [header sizes + GSO_BY_FRAGS].

-+ *

-+ * @max_len: The maximum permissible length.

-+ *

-+ * Returns true if the segmented length <= max length.

-  */

--bool skb_gso_validate_mtu(const struct sk_buff *skb, unsigned int mtu)

--{

-+static inline bool skb_gso_size_check(const struct sk_buff *skb,

-+				      unsigned int seg_len,

-+				      unsigned int max_len) {

- 	const struct skb_shared_info *shinfo = skb_shinfo(skb);

- 	const struct sk_buff *iter;

--	unsigned int hlen;

--

--	hlen = skb_gso_network_seglen(skb);

- 

- 	if (shinfo->gso_size != GSO_BY_FRAGS)

--		return hlen <= mtu;

-+		return seg_len <= max_len;

- 

- 	/* Undo this so we can re-use header sizes */

--	hlen -= GSO_BY_FRAGS;

-+	seg_len -= GSO_BY_FRAGS;

- 

- 	skb_walk_frags(skb, iter) {

--		if (hlen + skb_headlen(iter) > mtu)

-+		if (seg_len + skb_headlen(iter) > max_len)

- 			return false;

- 	}

- 

- 	return true;

- }

-+

-+/**

-+ * skb_gso_validate_mtu - Return in case such skb fits a given MTU

-+ *

-+ * @skb: GSO skb

-+ * @mtu: MTU to validate against

-+ *

-+ * skb_gso_validate_mtu validates if a given skb will fit a wanted MTU

-+ * once split.

-+ */

-+bool skb_gso_validate_mtu(const struct sk_buff *skb, unsigned int mtu)

-+{

-+	return skb_gso_size_check(skb, skb_gso_network_seglen(skb), mtu);

-+}

- EXPORT_SYMBOL_GPL(skb_gso_validate_mtu);

- 

-+/**

-+ * skb_gso_validate_mac_len - Will a split GSO skb fit in a given length?

-+ *

-+ * @skb: GSO skb

-+ * @len: length to validate against

-+ *

-+ * skb_gso_validate_mac_len validates if a given skb will fit a wanted

-+ * length once split, including L2, L3 and L4 headers and the payload.

-+ */

-+bool skb_gso_validate_mac_len(const struct sk_buff *skb, unsigned int len)

-+{

-+	return skb_gso_size_check(skb, skb_gso_mac_seglen(skb), len);

-+}

-+EXPORT_SYMBOL_GPL(skb_gso_validate_mac_len);

-+

- static struct sk_buff *skb_reorder_vlan_header(struct sk_buff *skb)

- {

- 	int mac_len;

-diff --git a/net/sched/sch_tbf.c b/net/sched/sch_tbf.c

-index 303355c..ad60a45 100644

-+++ b/net/sched/sch_tbf.c

-@@ -142,16 +142,6 @@ static u64 psched_ns_t2l(const struct psched_ratecfg *r,

- 	return len;

- }

- 

--/*

-- * Return length of individual segments of a gso packet,

-- * including all headers (MAC, IP, TCP/UDP)

-- */

--static unsigned int skb_gso_mac_seglen(const struct sk_buff *skb)

--{

--	unsigned int hdr_len = skb_transport_header(skb) - skb_mac_header(skb);

--	return hdr_len + skb_gso_transport_seglen(skb);

--}

--

- /* GSO packet is too big, segment it so that tbf can transmit

-  * each segment in time

-  */

-2.7.4

-

deleted file mode 100644

@@ -1,58 +0,0 @@

-From 8914a595110a6eca69a5e275b323f5d09e18f4f9 Mon Sep 17 00:00:00 2001

-From: Daniel Axtens <dja@axtens.net>

-Date: Wed, 31 Jan 2018 14:15:34 +1100

-Subject: [PATCH] bnx2x: disable GSO where gso_size is too big for hardware

-

-If a bnx2x card is passed a GSO packet with a gso_size larger than

-~9700 bytes, it will cause a firmware error that will bring the card

-down:

-

-bnx2x: [bnx2x_attn_int_deasserted3:4323(enP24p1s0f0)]MC assert!

-bnx2x: [bnx2x_mc_assert:720(enP24p1s0f0)]XSTORM_ASSERT_LIST_INDEX 0x2

-bnx2x: [bnx2x_mc_assert:736(enP24p1s0f0)]XSTORM_ASSERT_INDEX 0x0 = 0x00000000 0x25e43e47 0x00463e01 0x00010052

-bnx2x: [bnx2x_mc_assert:750(enP24p1s0f0)]Chip Revision: everest3, FW Version: 7_13_1

-... (dump of values continues) ...

-

-Detect when the mac length of a GSO packet is greater than the maximum

-packet size (9700 bytes) and disable GSO.

-

-Signed-off-by: Daniel Axtens <dja@axtens.net>

-Reviewed-by: Eric Dumazet <edumazet@google.com>

-Signed-off-by: David S. Miller <davem@davemloft.net>

-Signed-off-by: Srivatsa S. Bhat <srivatsa@csail.mit.edu>

- drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c | 18 ++++++++++++++++++

- 1 file changed, 18 insertions(+)

-

-diff --git a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c

-index 554c408..72d90b2 100644

-+++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c

-@@ -12930,6 +12930,24 @@ static netdev_features_t bnx2x_features_check(struct sk_buff *skb,

- 					      struct net_device *dev,

- 					      netdev_features_t features)

- {

-+	/*

-+	 * A skb with gso_size + header length > 9700 will cause a

-+	 * firmware panic. Drop GSO support.

-+	 *

-+	 * Eventually the upper layer should not pass these packets down.

-+	 *

-+	 * For speed, if the gso_size is <= 9000, assume there will

-+	 * not be 700 bytes of headers and pass it through. Only do a

-+	 * full (slow) validation if the gso_size is > 9000.

-+	 *

-+	 * (Due to the way SKB_BY_FRAGS works this will also do a full

-+	 * validation in that case.)

-+	 */

-+	if (unlikely(skb_is_gso(skb) &&

-+		     (skb_shinfo(skb)->gso_size > 9000) &&

-+		     !skb_gso_validate_mac_len(skb, 9700)))

-+		features &= ~NETIF_F_GSO_MASK;

-+

- 	features = vlan_features_check(skb, features);

- 	return vxlan_features_check(skb, features);

- }

-2.7.4

-

@@ -1,15 +1,15 @@

 %global security_hardening none

 Summary:        Kernel

 Name:           linux-aws

-Version:        4.9.154

-Release:        3%{?kat_build:.%kat_build}%{?dist}

+Version:        4.9.163

+Release:        1%{?kat_build:.%kat_build}%{?dist}

 License:    	GPLv2

 URL:        	http://www.kernel.org/

 Group:        	System Environment/Kernel

 Vendor:         VMware, Inc.

 Distribution: 	Photon

 Source0:        http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz

-%define sha1 linux=1a506bd238df9dbdc81e6b74abc0bb751a45eb5b

+%define sha1 linux=8c716f0109f819a1e361853631ff885994c6b1d9

 Source1:	config-aws

 Source2:	initramfs.trigger

 # common

@@ -47,9 +47,6 @@ Patch30:        vmxnet3-avoid-xmit-reset-due-to-a-race-in-vmxnet3.patch

 Patch31:        vmxnet3-use-correct-flag-to-indicate-LRO-feature.patch

 Patch32:        netfilter-ipset-pernet-ops-must-be-unregistered-last.patch

 Patch33:        vmxnet3-fix-incorrect-dereference-when-rxvlan-is-disabled.patch

-# Fixes for CVE-2018-1000026

-Patch34:        0001-net-create-skb_gso_validate_mac_len.patch

-Patch35:        0002-bnx2x-disable-GSO-where-gso_size-is-too-big-for-hard.patch

 # Fix for CVE-2018-8043

 Patch38:        0001-net-phy-mdio-bcm-unimac-fix-potential-NULL-dereferen.patch

 Patch42:        0001-hwrng-rdrand-Add-RNG-driver-based-on-x86-rdrand-inst.patch

@@ -220,8 +217,6 @@ This package contains the 'perf' performance analysis tools for Linux kernel.

 %patch31 -p1

 %patch32 -p1

 %patch33 -p1

-%patch34 -p1

-%patch35 -p1

 %patch38 -p1

 %patch42 -p1

 %patch43 -p1

@@ -440,6 +435,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg

 /usr/share/doc/*

 %changelog

+*   Thu Mar 14 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.9.163-1

+-   Update to version 4.9.163

 *   Mon Feb 25 2019 Ajay Kaher <akaher@vmware.com> 4.9.154-3

 -   Fix CVE-2018-16882

 *   Thu Feb 21 2019 Him Kalyan Bordoloi <bordoloih@vmware.com> 4.9.154-2

@@ -1,15 +1,15 @@

 %global security_hardening none

 Summary:        Kernel

 Name:           linux-esx

-Version:        4.9.154

-Release:        2%{?dist}

+Version:        4.9.163

+Release:        1%{?dist}

 License:        GPLv2

 URL:            http://www.kernel.org/

 Group:          System Environment/Kernel

 Vendor:         VMware, Inc.

 Distribution:   Photon

 Source0:        http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz

-%define sha1 linux=1a506bd238df9dbdc81e6b74abc0bb751a45eb5b

+%define sha1 linux=8c716f0109f819a1e361853631ff885994c6b1d9

 Source1:        config-esx

 Source2:        initramfs.trigger

 # common

@@ -43,9 +43,6 @@ Patch30:        vmxnet3-avoid-xmit-reset-due-to-a-race-in-vmxnet3.patch

 Patch31:        vmxnet3-use-correct-flag-to-indicate-LRO-feature.patch

 Patch32:        netfilter-ipset-pernet-ops-must-be-unregistered-last.patch

 Patch33:        vmxnet3-fix-incorrect-dereference-when-rxvlan-is-disabled.patch

-# Fixes for CVE-2018-1000026

-Patch34:        0001-net-create-skb_gso_validate_mac_len.patch

-Patch35:        0002-bnx2x-disable-GSO-where-gso_size-is-too-big-for-hard.patch

 # Fix for CVE-2018-8043

 Patch38:        0001-net-phy-mdio-bcm-unimac-fix-potential-NULL-dereferen.patch

 Patch42:        0001-hwrng-rdrand-Add-RNG-driver-based-on-x86-rdrand-inst.patch

@@ -125,8 +122,6 @@ The Linux package contains the Linux kernel doc files

 %patch31 -p1

 %patch32 -p1

 %patch33 -p1

-%patch34 -p1

-%patch35 -p1

 %patch38 -p1

 %patch42 -p1

 %patch43 -p1

@@ -229,6 +224,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg

 /usr/src/linux-headers-%{uname_r}

 %changelog

+*   Thu Mar 14 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.9.163-1

+-   Update to version 4.9.163

 *   Thu Feb 21 2019 Him Kalyan Bordoloi <bordoloih@vmware.com> 4.9.154-2

 -   Fix CVE-2019-8912

 *   Mon Feb 04 2019 Ajay Kaher <akaher@vmware.com> 4.9.154-1

@@ -1,15 +1,15 @@

 %global security_hardening none

 Summary:        Kernel

 Name:           linux-secure

-Version:        4.9.154

-Release:        3%{?kat_build:.%kat_build}%{?dist}

+Version:        4.9.163

+Release:        1%{?kat_build:.%kat_build}%{?dist}

 License:        GPLv2

 URL:            http://www.kernel.org/

 Group:          System Environment/Kernel

 Vendor:         VMware, Inc.

 Distribution:   Photon

 Source0:        http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz

-%define sha1 linux=1a506bd238df9dbdc81e6b74abc0bb751a45eb5b

+%define sha1 linux=8c716f0109f819a1e361853631ff885994c6b1d9

 Source1:        config-secure

 Source2:        aufs4.9.tar.gz

 %define sha1 aufs=ebe716ce4b638a3772c7cd3161abbfe11d584906

@@ -53,9 +53,6 @@ Patch32:        vmxnet3-avoid-xmit-reset-due-to-a-race-in-vmxnet3.patch

 Patch33:        vmxnet3-use-correct-flag-to-indicate-LRO-feature.patch

 Patch34:        netfilter-ipset-pernet-ops-must-be-unregistered-last.patch

 Patch35:        vmxnet3-fix-incorrect-dereference-when-rxvlan-is-disabled.patch

-# Fixes for CVE-2018-1000026

-Patch36:        0001-net-create-skb_gso_validate_mac_len.patch

-Patch37:        0002-bnx2x-disable-GSO-where-gso_size-is-too-big-for-hard.patch

 # Fix for CVE-2018-8043

 Patch40:        0001-net-phy-mdio-bcm-unimac-fix-potential-NULL-dereferen.patch

 Patch44:        0001-hwrng-rdrand-Add-RNG-driver-based-on-x86-rdrand-inst.patch

@@ -186,8 +183,6 @@ EOF

 %patch33 -p1

 %patch34 -p1

 %patch35 -p1

-%patch36 -p1

-%patch37 -p1

 %patch40 -p1

 %patch44 -p1

 %patch45 -p1

@@ -330,6 +325,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg

 /usr/src/linux-headers-%{uname_r}

 %changelog

+*   Thu Mar 14 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.9.163-1

+-   Update to version 4.9.163

 *   Mon Feb 25 2019 Ajay Kaher <akaher@vmware.com> 4.9.154-3

 -   Fix CVE-2018-16882

 *   Thu Feb 21 2019 Him Kalyan Bordoloi <bordoloih@vmware.com> 4.9.154-2

@@ -1,15 +1,15 @@

 %global security_hardening none

 Summary:        Kernel

 Name:           linux

-Version:        4.9.154

-Release:        3%{?kat_build:.%kat_build}%{?dist}

+Version:        4.9.163

+Release:        1%{?kat_build:.%kat_build}%{?dist}

 License:    	GPLv2

 URL:        	http://www.kernel.org/

 Group:        	System Environment/Kernel

 Vendor:         VMware, Inc.

 Distribution: 	Photon

 Source0:        http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz

-%define sha1 linux=1a506bd238df9dbdc81e6b74abc0bb751a45eb5b

+%define sha1 linux=8c716f0109f819a1e361853631ff885994c6b1d9

 Source1:	config

 Source2:	initramfs.trigger

 %define ena_version 1.1.3

@@ -51,9 +51,6 @@ Patch31:        vmxnet3-use-correct-flag-to-indicate-LRO-feature.patch

 # To fix kernel PANIC in cascade

 Patch32:        netfilter-ipset-pernet-ops-must-be-unregistered-last.patch

 Patch33:        vmxnet3-fix-incorrect-dereference-when-rxvlan-is-disabled.patch

-# Fixes for CVE-2018-1000026

-Patch34:        0001-net-create-skb_gso_validate_mac_len.patch

-Patch35:        0002-bnx2x-disable-GSO-where-gso_size-is-too-big-for-hard.patch

 # Fix for CVE-2018-8043

 Patch38:        0001-net-phy-mdio-bcm-unimac-fix-potential-NULL-dereferen.patch

@@ -187,8 +184,6 @@ This package contains the 'perf' performance analysis tools for Linux kernel.

 %patch31 -p1

 %patch32 -p1

 %patch33 -p1

-%patch34 -p1

-%patch35 -p1

 %patch38 -p1

 %patch42 -p1

 %patch43 -p1

@@ -378,6 +373,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg

 /usr/share/doc/*

 %changelog

+*   Thu Mar 14 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.9.163-1

+-   Update to version 4.9.163

 *   Mon Feb 25 2019 Ajay Kaher <akaher@vmware.com> 4.9.154-3

 -   Fix CVE-2018-16882

 *   Thu Feb 21 2019 Him Kalyan Bordoloi <bordoloih@vmware.com> 4.9.154-2